树莓派配置记录
官方网站:
https://www.raspberrypi.org/
产品列表:
https://www.raspberrypi.org/products/
参考文档:
https://www.raspberrypi.org/documentation/
官方杂志(月刊)PDF下载:
https://www.raspberrypi.org/magpi-issues/
官方杂志(月刊)PDF下载:
https://hackspace.raspberrypi.org/issues/
一、写Raspbian镜像到SD卡
下载最新版Raspbian或Raspbian Lite:
http://downloads.raspberrypi.org/raspios_armhf/images/
http://downloads.raspberrypi.org/raspios_full_armhf/images/
http://downloads.raspberrypi.org/raspios_lite_armhf/images/
http://downloads.raspberrypi.org/raspios_arm64/images/
http://downloads.raspberrypi.org/raspios_full_arm64/images/
http://downloads.raspberrypi.org/raspios_lite_arm64/images/
http://downloads.raspberrypi.org/raspios_oldstable_armhf/images/
http://downloads.raspberrypi.org/raspios_oldstable_lite_armhf/images/
校验SHA1并确认无误:
[root@localhost ~]# sha1sum /home/cnman/Downloads/2018-04-18-raspbian-stretch-lite.zip
b324cd7f3015e704543e4710ceecfb4881b77664 /home/cnman/Downloads/2018-04-18-raspbian-stretch-lite.zip
验证签名并确认无误:
[root@localhost ~]# wget https://www.raspberrypi.org/raspberrypi_downloads.gpg.key
[root@localhost ~]# gpg --import raspberrypi_downloads.gpg.key
gpg: key 5484A525: public key "Serge Schneider " imported
gpg: key 956F460C: public key "Raspberry Pi Downloads Signing Key" imported
gpg: Total number processed: 2
gpg: imported: 2 (RSA: 2)
[root@localhost ~]# gpg --verify /home/cnman/Downloads/2018-04-18-raspbian-stretch-lite.zip.sig
gpg: Signature made Wed 18 Apr 2018 08:41:36 PM CST using RSA key ID 956F460C
gpg: Good signature from "Raspberry Pi Downloads Signing Key"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 54C3 DD61 0D9D 1B4A F82A 3775 8738 CD6B 956F 460C
解压:
[root@localhost ~]# unzip /home/cnman/Downloads/2018-04-18-raspbian-stretch-lite.zip
Archive: /home/cnman/Downloads/2018-04-18-raspbian-stretch-lite.zip
inflating: 2018-04-18-raspbian-stretch-lite.img
[root@localhost ~]# sha1sum 2018-04-18-raspbian-stretch-lite.img
3deee39f9a8a98161b201f0178002eb6e31cc0a4 2018-04-18-raspbian-stretch-lite.img
插入SD卡,先查看挂载状态:
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/rhel-root 104G 22G 82G 21% /
devtmpfs 3.8G 0 3.8G 0% /dev
tmpfs 3.8G 184K 3.8G 1% /dev/shm
tmpfs 3.8G 9.9M 3.8G 1% /run
tmpfs 3.8G 0 3.8G 0% /sys/fs/cgroup
/dev/sda1 1014M 227M 788M 23% /boot
tmpfs 769M 4.0K 769M 1% /run/user/42
tmpfs 769M 56K 769M 1% /run/user/1000
/dev/sdb1 42M 21M 21M 51% /run/media/cnman/boot
/dev/sdb2 15G 1.1G 13G 8% /run/media/cnman/673b8ab6-6426-474b-87d3-71bff0fcebc3
tmpfs 769M 0 769M 0% /run/user/0
如果已挂载则需要先卸载:
[root@localhost ~]# umount /dev/sdb1
[root@localhost ~]# umount /dev/sdb2
用 dd 命令写入img镜像:
[root@localhost ~]# dd if=2018-04-18-raspbian-stretch-lite.img of=/dev/sdb bs=1M conv=fsync
注意:没有进度条,请耐心等待完成(7~10分钟)!
写入完成后在boot分区放一个空文件ssh开启远程ssh登录
[root@localhost ~]# touch /run/media/cnman/boot/ssh
2022-04-04起bullseye的新版镜像需要参考
官方文档在boot分区新建userconf.txt,开机自动创建用户:
nano /run/media/cnman/boot/userconf.txt
pi:$6$zp0l98FTWGcurthL$kDbhCtl17ckj2MmFdnU7jDc6ToifOrjyZ5/3n/izIn1z/b4MxXO6XGMLH8g/uurF5tfNLSV0OeLosWVntAeX30
示例为用户名pi,密码raspberry
在boot分区新建wpa_supplicant.conf,开机就可以连上WIFI:
[root@localhost ~]# nano /run/media/cnman/boot/wpa_supplicant.conf
country=CN
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
scan_ssid=1
ssid="Your WIFI SSID"
psk="Your WIFI Password"
}
加入MPEG-2和VC-1解码授权(需单独
购买,与CPU序列号绑定):
[root@localhost ~]# nano /run/media/cnman/boot/config.txt
decode_MPG2=0x4f72f8a4
decode_WVC1=0x8c98ce72
安全退出SD,插入树莓派通电就可以启动了。
二、初始配置
登录路由器管理界面查看树莓派的IP,并用SSH客户端(
PuTTY、
Bitvise SSH Client、
SecureCRT等)登录
初始用户名pi,初始密码raspberry
验证MPEG-2和VC-1解码授权(enabled表示已授权,disabled表示未授权):
pi@raspberrypi:~ $ sudo vcgencmd codec_enabled MPG2
MPG2=enabled
pi@raspberrypi:~ $ sudo vcgencmd codec_enabled WVC1
WVC1=enabled
给树莓派设置静态IP:
pi@raspberrypi:~ $ sudo nano /etc/dhcpcd.conf
文件最后直接添加:
interface eth0
static ip_address=192.168.0.100/24
static routers=192.168.0.1
static domain_name_servers=208.67.222.222 208.67.222.220
interface wlan0
static ip_address=192.168.0.101/24
static routers=192.168.0.1
static domain_name_servers=208.67.222.222 208.67.222.220
pi@raspberrypi:~ $ sudo systemctl daemon-reload
pi@raspberrypi:~ $ sudo systemctl restart dhcpcd.service
pi@raspberrypi:~ $ ip -4 address
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.0.100/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
3: wlan0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.0.101/24 brd 192.168.0.255 scope global wlan0
valid_lft forever preferred_lft forever
扩展磁盘空间并重启:
使用up↑、down↓、left←、right→及Tab键选择,使用Enter键确认
pi@raspberrypi:~ $ sudo raspi-config
添加国内更新源:
pi@raspberrypi:~ $ sudo nano /etc/apt/sources.list
#deb http://raspbian.raspberrypi.org/raspbian/ stretch main contrib non-free rpi
# Uncomment line below then 'apt-get update' to enable 'apt-get source'
#deb-src http://raspbian.raspberrypi.org/raspbian/ stretch main contrib non-free rpi
#deb http://archive.raspberrypi.org/debian/ stretch main ui
# Uncomment line below then 'apt-get update' to enable 'apt-get source'
#deb-src http://archive.raspberrypi.org/debian/ stretch main ui
deb http://mirrors.zju.edu.cn/raspbian/raspbian stretch main contrib non-free firmware rpi
deb http://mirrors.ustc.edu.cn/raspbian/raspbian stretch main contrib non-free firmware rpi
deb http://mirrors.tuna.tsinghua.edu.cn/raspbian/raspbian stretch main contrib non-free firmware rpi
pi@raspberrypi:~ $ sudo rm /etc/apt/sources.list.d/raspi.list
配置APT,强制IPv4,不装那些非必须的包:
pi@raspberrypi:~ $ sudo nano /etc/apt/apt.conf.d/99force-ipv4
Acquire::ForceIPv4 "true";
pi@raspberrypi:~ $ sudo nano /etc/apt/apt.conf.d/01norecommend
APT::Install-Recommends "0";
APT::Install-Suggests "0";
pi@raspberrypi:~ $ sudo nano /etc/apt/apt.conf.d/99notranslations
Acquire::Languages "none";
更新系统:
pi@raspberrypi:~ $ nano update-and-clean.sh
apt-get update -y
apt-get upgrade -y
apt-get autoremove -y
apt-get clean -y
apt-get autoclean -y
pi@raspberrypi:~ $ chmod +x update-and-clean.sh
pi@raspberrypi:~ $ sudo ./update-and-clean.sh
三、安装配置DNSCrypt Proxy
安装nano和dig等dns工具:
pi@raspberrypi:~ $ sudo apt-get install nano dnsutils -y
安装dnscrypt-proxy:
pi@raspberrypi:~ $ sudo apt-get install rng-tools -y
pi@raspberrypi:~ $ sudo apt-get install dnscrypt-proxy -y
...
Created symlink /etc/systemd/system/multi-user.target.wants/dnscrypt-proxy-resolvconf.service → /lib/systemd/system/dnscrypt-proxy-resolvconf.service.
Created symlink /etc/systemd/system/sockets.target.wants/dnscrypt-proxy.socket → /lib/systemd/system/dnscrypt-proxy.socket.
Created symlink /etc/systemd/system/multi-user.target.wants/dnscrypt-proxy.service → /lib/systemd/system/dnscrypt-proxy.service.
Job for dnscrypt-proxy.service failed because a timeout was exceeded.
See "systemctl status dnscrypt-proxy.service" and "journalctl -xe" for details.
dnscrypt-proxy.service couldn't start.
...
没成功启动,不管它,我们不用默认的这些服务,改用从命令行启动:
pi@raspberrypi:~ $ sudo systemctl stop dnscrypt-proxy.socket
pi@raspberrypi:~ $ sudo systemctl stop dnscrypt-proxy-resolvconf.service
pi@raspberrypi:~ $ sudo systemctl stop dnscrypt-proxy.service
pi@raspberrypi:~ $ sudo systemctl disable dnscrypt-proxy.socket
pi@raspberrypi:~ $ sudo systemctl disable dnscrypt-proxy-resolvconf.service
pi@raspberrypi:~ $ sudo systemctl disable dnscrypt-proxy.service
Cisco的OpenDNS服务器全部支持DNSCrypt:
208.67.222.222:53 #resolver1.opendns.com
208.67.222.222:5353 #resolver1.opendns.com
208.67.222.222:443 #resolver1.opendns.com
208.67.220.220:53 #resolver2.opendns.com
208.67.220.220:5353 #resolver2.opendns.com
208.67.220.220:443 #resolver2.opendns.com
208.67.222.220:53 #resolver3.opendns.com
208.67.220.222:53 #resolver4.opendns.com
2620:0:ccc::2 #resolver1.ipv6-sandbox.opendns.com
2620:0:ccd::2 #resolver2.ipv6-sandbox.opendns.com
208.67.222.123:53 #resolver1-fs.opendns.com(有过滤)
208.67.222.123:443 #resolver1-fs.opendns.com(有过滤)
208.67.220.123:53 #resolver2-fs.opendns.com(有过滤)
208.67.220.123:443 #resolver2-fs.opendns.com(有过滤)
pi@raspberrypi:~ $ sudo nano /lib/systemd/system/dnscrypt-proxy-cl-resolver2-443.service
[Unit]
Description=DNSCrypt client proxy - Command Line 208.67.220.220:443
Documentation=man:dnscrypt-proxy(8)
After=network.target
Before=nss-lookup.target
[Install]
WantedBy=multi-user.target
[Service]
Type=notify
NonBlocking=true
ExecStart=/usr/sbin/dnscrypt-proxy --local-address=127.0.0.1:9995 --resolver-name=cisco --provider-name=2.dnscrypt-cert.opendns.com --provider-key=B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79 --resolver-address=208.67.220.220:443 --max-active-requests=65535 --tcp-only
Restart=always
ProtectSystem=strict
ProtectHome=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
MemoryDenyWriteExecute=true
RestrictRealtime=true
按上面格式创建8个分别监听在9991~9998端口给unbound用,以达到“东方不亮西方亮”的效果:
pi@raspberrypi:~ $ sudo systemctl daemon-reload
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver1-53.service
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver1-443.service
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver1-5353.service
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver2-53.service
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver2-443.service
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver2-5353.service
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver3-53.service
pi@raspberrypi:~ $ sudo systemctl enable dnscrypt-proxy-cl-resolver4-53.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver1-53.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver1-443.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver1-5353.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver2-53.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver2-443.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver2-5353.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver3-53.service
pi@raspberrypi:~ $ sudo systemctl start dnscrypt-proxy-cl-resolver4-53.service
pi@raspberrypi:~ $ sudo netstat -tulpn | grep dnscrypt-proxy
tcp 0 0 127.0.0.1:9991 0.0.0.0:* LISTEN 1057/dnscrypt-proxy
tcp 0 0 127.0.0.1:9992 0.0.0.0:* LISTEN 1068/dnscrypt-proxy
tcp 0 0 127.0.0.1:9993 0.0.0.0:* LISTEN 1078/dnscrypt-proxy
tcp 0 0 127.0.0.1:9994 0.0.0.0:* LISTEN 1088/dnscrypt-proxy
tcp 0 0 127.0.0.1:9995 0.0.0.0:* LISTEN 1098/dnscrypt-proxy
tcp 0 0 127.0.0.1:9996 0.0.0.0:* LISTEN 1108/dnscrypt-proxy
tcp 0 0 127.0.0.1:9997 0.0.0.0:* LISTEN 1118/dnscrypt-proxy
tcp 0 0 127.0.0.1:9998 0.0.0.0:* LISTEN 1128/dnscrypt-proxy
udp 0 0 127.0.0.1:9991 0.0.0.0:* 1057/dnscrypt-proxy
udp 0 0 127.0.0.1:9992 0.0.0.0:* 1068/dnscrypt-proxy
udp 0 0 127.0.0.1:9993 0.0.0.0:* 1078/dnscrypt-proxy
udp 0 0 127.0.0.1:9994 0.0.0.0:* 1088/dnscrypt-proxy
udp 0 0 127.0.0.1:9995 0.0.0.0:* 1098/dnscrypt-proxy
udp 0 0 127.0.0.1:9996 0.0.0.0:* 1108/dnscrypt-proxy
udp 0 0 127.0.0.1:9997 0.0.0.0:* 1118/dnscrypt-proxy
udp 0 0 127.0.0.1:9998 0.0.0.0:* 1128/dnscrypt-proxy
四、安装配置Unbound
DNSCrypt Proxy v1.x没有缓存功能,因此才需要安装Unbound
pi@raspberrypi:~ $ sudo apt-get install unbound -y
pi@raspberrypi:~ $ sudo nano /etc/unbound/unbound.conf
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
#include: "/etc/unbound/unbound.conf.d/*.conf"
server:
# Send minimum amount of information to upstream servers to enhance
# privacy. Only sends minimum required labels of the QNAME and sets
# QTYPE to NS when possible.
# See RFC 7816 "DNS Query Name Minimisation to Improve Privacy" for
# details.
# qname-minimisation: yes
# The following line will configure unbound to perform cryptographic
# DNSSEC validation using the root trust anchor.
# auto-trust-anchor-file: "/var/lib/unbound/root.key"
logfile: "/var/log/unbound.log"
use-syslog: no
log-time-ascii: yes
log-queries: yes
verbosity: 1
interface: 0.0.0.0
# interface: ::0
# interface-automatic: yes
port: 53
statistics-interval: 3600
statistics-cumulative: yes
extended-statistics: yes
do-not-query-localhost: no
prefetch: yes
do-ip4: yes
# do-ip6: yes
do-udp: yes
do-tcp: yes
# tcp-upstream: yes
root-hints: "/etc/unbound/named.cache"
hide-identity: yes
hide-version: yes
cache-min-ttl: 1800
access-control: 0.0.0.0/0 allow
# access-control: ::0/0 allow
include: "/etc/unbound/unbound.blacklist.ips.conf"
include: "/etc/unbound/unbound.local-zone.blacklist.domains.conf"
#include: "/etc/unbound/unbound.local-zone.hosts.conf"
include: "/etc/unbound/unbound.forward-zone.China.conf"
forward-zone:
name: "."
forward-addr: 127.0.0.1@9991
forward-addr: 127.0.0.1@9992
forward-addr: 127.0.0.1@9993
forward-addr: 127.0.0.1@9994
forward-addr: 127.0.0.1@9995
forward-addr: 127.0.0.1@9996
forward-addr: 127.0.0.1@9997
forward-addr: 127.0.0.1@9998
remote-control:
control-enable: yes
control-use-cert: yes
control-interface: 127.0.0.1
# control-interface: ::1
control-port: 8953
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
pi@raspberrypi:~ $ sudo rm /etc/unbound/unbound.conf.d/qname-minimisation.conf
pi@raspberrypi:~ $ sudo rm /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf
pi@raspberrypi:~ $ sudo touch /var/log/unbound.log
pi@raspberrypi:~ $ sudo chmod 666 /var/log/unbound.log
pi@raspberrypi:~ $ sudo wget -N https://github.com/CNMan/unbound.conf/raw/master/unbound/unbound.blacklist.ips.conf --directory-prefix=/etc/unbound
pi@raspberrypi:~ $ sudo wget -N https://github.com/CNMan/unbound.conf/raw/master/unbound/unbound.forward-zone.China.conf --directory-prefix=/etc/unbound
pi@raspberrypi:~ $ sudo wget -N https://github.com/CNMan/unbound.conf/raw/master/unbound/unbound.local-zone.blacklist.domains.conf --directory-prefix=/etc/unbound
pi@raspberrypi:~ $ sudo wget -N https://github.com/CNMan/unbound.conf/raw/master/unbound/unbound.local-zone.hosts.conf --directory-prefix=/etc/unbound
pi@raspberrypi:~ $ sudo wget -N https://www.internic.net/domain/named.cache --directory-prefix=/etc/unbound
pi@raspberrypi:~ $ sudo systemctl restart unbound.service
pi@raspberrypi:~ $ sudo netstat -tulpn | grep unbound
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 885/unbound
tcp 0 0 127.0.0.1:8953 0.0.0.0:* LISTEN 885/unbound
udp 0 0 0.0.0.0:53 0.0.0.0:* 885/unbound
pi@raspberrypi:~ $ cat /etc/resolv.conf
# Generated by resolvconf
nameserver 127.0.0.1
pi@raspberrypi:~ $ sudo reboot
重启系统,发现一切都正常:
pi@raspberrypi:~ $ sudo netstat -tulpn | grep dnscrypt-proxy
tcp 0 0 127.0.0.1:9991 0.0.0.0:* LISTEN 411/dnscrypt-proxy
tcp 0 0 127.0.0.1:9992 0.0.0.0:* LISTEN 403/dnscrypt-proxy
tcp 0 0 127.0.0.1:9993 0.0.0.0:* LISTEN 405/dnscrypt-proxy
tcp 0 0 127.0.0.1:9994 0.0.0.0:* LISTEN 408/dnscrypt-proxy
tcp 0 0 127.0.0.1:9995 0.0.0.0:* LISTEN 417/dnscrypt-proxy
tcp 0 0 127.0.0.1:9996 0.0.0.0:* LISTEN 402/dnscrypt-proxy
tcp 0 0 127.0.0.1:9997 0.0.0.0:* LISTEN 415/dnscrypt-proxy
tcp 0 0 127.0.0.1:9998 0.0.0.0:* LISTEN 413/dnscrypt-proxy
udp 0 0 127.0.0.1:9991 0.0.0.0:* 411/dnscrypt-proxy
udp 0 0 127.0.0.1:9992 0.0.0.0:* 403/dnscrypt-proxy
udp 0 0 127.0.0.1:9993 0.0.0.0:* 405/dnscrypt-proxy
udp 0 0 127.0.0.1:9994 0.0.0.0:* 408/dnscrypt-proxy
udp 0 0 127.0.0.1:9995 0.0.0.0:* 417/dnscrypt-proxy
udp 0 0 127.0.0.1:9996 0.0.0.0:* 402/dnscrypt-proxy
udp 0 0 127.0.0.1:9997 0.0.0.0:* 415/dnscrypt-proxy
udp 0 0 127.0.0.1:9998 0.0.0.0:* 413/dnscrypt-proxy
pi@raspberrypi:~ $ sudo netstat -tulpn | grep unbound
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 460/unbound
tcp 0 0 127.0.0.1:8953 0.0.0.0:* LISTEN 460/unbound
udp 0 0 0.0.0.0:53 0.0.0.0:* 460/unbound
pi@raspberrypi:~ $ cat /etc/resolv.conf
# Generated by resolvconf
nameserver 127.0.0.1
五、Socks5代理
SSH Tunnel Proxy 开机自动启动:
安装sshpass,用于自动加载密码:
pi@raspberrypi:~ $ sudo apt-get install sshpass -y
把密码写在文件sshpassus里:
pi@raspberrypi:~ $ sudo nano sshpassus
usvpspassword
防掉线设置:
pi@raspberrypi:~ $ sudo nano sshconfig
ServerAliveInterval 120
ServerAliveCountMax 3
创建并启用开机启动脚本:
pi@raspberrypi:~ $ sudo nano /lib/systemd/system/sshtunnelproxy-us.service
[Unit]
Description = SSH Tunnel Proxy - US
Wants = network-online.target
After = network.target network-online.target
[Service]
Type = oneshot
ExecStart = /usr/bin/sshpass -f /home/pi/sshpassus /usr/bin/ssh -F /home/pi/sshconfig -p 22 -N -D 0.0.0.0:1080 usvpsuser@usvpsip
[Install]
WantedBy = multi-user.target
pi@raspberrypi:~ $ sudo systemctl daemon-reload
pi@raspberrypi:~ $ sudo systemctl enable sshtunnelproxy-us.service
pi@raspberrypi:~ $ sudo systemctl start sshtunnelproxy-us.service
照猫画虎,可以创建sshtunnelproxy-tw、sshtunnelproxy-hk等,监听在不同端口即可。这样就可以给下面的polipo转为http代理了。当然很多程序现在都可以直接用socks5代理了(firefox、Chrome、Telegram都支持)
六、HTTP(S)代理
有些程序不支持socks5代理,我们安装Polipo来将socks5代理转为http代理:
pi@raspberrypi:~ $ sudo apt-get install polipo -y
没如前文配置APT的话,会附带安装dnsmasq,没啥用,直接禁用掉:
pi@raspberrypi:~ $ sudo systemctl disable dnsmasq.service
修改polipo配置:
pi@raspberrypi:~ $ sudo nano /etc/polipo/config
logSyslog = true
logFile = /var/log/polipo/polipo.log
proxyAddress = 0.0.0.0
socksParentProxy = 127.0.0.1:1080
socksProxyType = socks5
allowedPorts = 1-65535
tunnelAllowedPorts = 1-65535
pi@raspberrypi:~ $ sudo systemctl restart polipo.service
pi@raspberrypi:~ $ sudo netstat -tulpn | grep polipo
tcp 0 0 0.0.0.0:8123 0.0.0.0:* LISTEN 356/polipo
这样就有一个监听在8123端口的http代理了。
七、其他杂项
参考
https://cnman.github.io/?p=371和
https://elinux.org/RPi_HardwareHistory,查看CPU型号,判断树莓派产地及生产商:
pi@raspberrypi:~ $ sudo cat /proc/cpuinfo
processor : 0
model name : ARMv7 Processor rev 5 (v7l)
BogoMIPS : 38.40
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x0
CPU part : 0xc07
CPU revision : 5
processor : 1
model name : ARMv7 Processor rev 5 (v7l)
BogoMIPS : 38.40
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x0
CPU part : 0xc07
CPU revision : 5
processor : 2
model name : ARMv7 Processor rev 5 (v7l)
BogoMIPS : 38.40
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x0
CPU part : 0xc07
CPU revision : 5
processor : 3
model name : ARMv7 Processor rev 5 (v7l)
BogoMIPS : 38.40
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x0
CPU part : 0xc07
CPU revision : 5
Hardware : BCM2835
Revision : a01041
Serial : 000000003a914691
注意:4.9以上内核所有Pi的Hardware都显示BCM2835,不能准确区分为BCM2835、BCM2836、BCM2837,可用下面命令查看Pi版本:
pi@raspberrypi:~ $ cat /proc/device-tree/model
Raspberry Pi 2 Model B Rev 1.1